Abstract
Software is becoming an important part of the innovation for vehicles. In addition, the systems in vehicles become interconnected and also get external connections, to the internet and Vehicular Ad hoc NETworks (VANETs). These trends form a combined security and safety threat, because recent research has demonstrated a large number of security gaps for in-vehicle systems and their external connections.
This overview paper presents attacker incentives and the most important security risks that are identified for the parts that make up a cooperative mobility system. For cooperative systems, the application data integrity must be validated to determine if values can be trusted. Furthermore, secure alternatives will be required for positioning, in order to be usable by safety critical systems. To create a secure in-vehicle system, it should be secure by design. In addition to the technical challenges, overarching cyber security dilemmas are addressed, such as stimulating the economy vs. improving security. We expect that the discussed risks will be a challenge for research, industry and authorities in the coming years.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Almgren, M., et al.: Deliverable d6.2: Intermediate report on the security of the connected car. Technical report, SysSec (September 2012)
Apvrille, L., et al.: Secure automotive on-board electronics network architecture. In: World Automotive Congress (May 2010)
Arilou Tech. Car cyber security (December 2012), http://www.ariloutech.com/pages/carcyber.htm
Bailey, D.: War texting: Identifying and interacting with devices on the telephone network. Blackhat USA (2011)
Barton, M.: Mercedes revs mbrace2 with cloud updates (September 2012), http://www.wired.com/insights/2012/04/mercedes-mbrace2/
Becher, M., et al.: Mobile security catching up? revealing the nuts and bolts of the security of mobile devices. In: IEEE Symposium on Security and Privacy (SP), pp. 96–111 (May 2011)
BWM Group. BWM connected drive 2012: Press release (2012), https://www.press.bmwgroup.com/pressclub/p/pcgl/download.html?textId=156904&textAttachmentId=192779
Capkun, S., Hubaux, J-P.: Secure positioning of wireless devices with application to sensor networks. In: Joint Conference of the IEEE Computer and Communications Societies (INFOCOM), vol. 3, pp. 1917–1928. IEEE (2005)
Charette, R.: This car runs on code (February 2009), http://www.spectrum.ieee.org/feb09/7649
Checkoway, S., et al.: Comprehensive experimental analyses of automotive attack surfaces. In: Proceedings of USENIX Security (2011)
Commtouch. Commtouch internet threats trend report 2013 february (2013), http://www.commtouch.com/uploads/pdf/Commtouch-Internet-Threats-Trend-Report-2013-February.pdf
Daimler Technicity. mbrace2: The most important services of the new telematics platform in the U.S. (2012), http://www.daimler-technicity.de/en/mbrace2-services/
de Kievit, S., et al.: European Patent 12197138 (2012)
ESET Latin America’s Lab. Trends for 2013: Astonishing growth of malware (2012), http://go.eset.com/us/resources/white-papers/Trends_for_2013_preview.pdf
ETSI. Intelligent transport systems (its); security; security services and architecture. Technical Report ETSI TS 102 731 V1.1.1, Sophia Antipolis Cedex - FRANCE, DTS/ITS-0050001 (September 2010)
ETSI. Intelligent transport systems (its); security; threat, vulnerability and risk analysis (tvra). Technical Report ETSI TR 102 893 V1.1.1, Sophia Antipolis Cedex - FRANCE, DTR/ITS-0050005 (March 2010)
Felt, A., et al.: A survey of mobile malware in the wild. In: Proc. of the Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 3–14. ACM (2011)
Ford Motor Company. Ford launches app developer program marking new course for customer-driven innovation and value creation (2013), http://media.ford.com/article_display.cfm?article_id=37551
Francillon, A., Danev, B., Capkun, S.: Relay attacks on passive keyless entry and start systems in modern cars. IACR ePrint Report 332 (2010)
Glass, M., et al.: Seissecurity in embedded ip-based systems. ATZelektronik Worldwide 5(1), 36–40 (2010)
Henniger, O., et al.: Securing vehicular on-board it systems: The evita project. In: VDI/VW Automotive Security Conference (2009)
Kargl, F., et al.: Secure vehicular communication systems: implementation, performance, and research challenges. IEEE Communications Magazine 46(11), 110–118 (2008)
Kia Motors America. Kia motors announces google maps integration to enhance in-car connectivity (2013), http://www.prnewswire.com/news-releases/kia-motors-announces-google-maps-integration-to-enhance-in-car-connectivity-185401682.html
Klimburg, A., et al.: National Cyber Security Framework Manual. NATO CCD COE, Tallinn (2012)
Koscher, K., et al.: Experimental security analysis of a modern automobile. In: IEEE Symposium on Security and Privacy (SP), pp. 447–462 (2010)
Mollman, S.: From cars to tvs, apps are spreading to the real world (October 2009), http://edition.cnn.com/2009/TECH/10/08/apps.realworld/index.html
Papadimitratos, P., et al.: Secure vehicular communication systems: design and architecture. IEEE Communications Magazine 46(11), 100–109 (2008)
Passchier, I., et al.: New services enabled by the connected car. Technical report, TNO, SMART 2010/0065, TNO-RPT-2011-01277 (June 2011)
Ploeg, J., et al.: Design and experimental evaluation of cooperative adaptive cruise control. In: Intelligent Transportation Systems (ITSC), pp. 260–265. IEEE (2011)
Raya, M., Hubaux, J.: The security of vehicular ad hoc networks. In: Proc. of Workshop on Security of Ad Hoc and Sensor Networks, pp. 11–21. ACM (2005)
Rouf, I., et al.: Security and privacy vulnerabilities of in-car wireless networks: A tire pressure monitoring system case study. In: Proceedings of USENIX Security, pp. 323–338 (2010)
Schoch, E., et al.: Communication patterns in vanets. IEEE Communications Magazine 46(11), 119–125 (2008)
Shabtai, A., et al.: Google android: A comprehensive security assessment. Security & Privacy 8(2), 35–44 (2010)
Simmonds, A., Sandilands, P., van Ekert, L.: An ontology for network security attacks. Applied Computing, 317–323 (2004)
Wolf, M., Weimerskirch, A., Paar, C.: Security in automotive bus systems. In: Workshop on Embedded IT-Security in Cars, pp. 11–12 (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer International Publishing Switzerland
About this paper
Cite this paper
Bijlsma, T., de Kievit, S., van de Sluis, J., van Nunen, E., Passchier, I., Luiijf, E. (2013). Security Challenges for Cooperative and Interconnected Mobility Systems. In: Luiijf, E., Hartel, P. (eds) Critical Information Infrastructures Security. CRITIS 2013. Lecture Notes in Computer Science, vol 8328. Springer, Cham. https://doi.org/10.1007/978-3-319-03964-0_1
Download citation
DOI: https://doi.org/10.1007/978-3-319-03964-0_1
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-03963-3
Online ISBN: 978-3-319-03964-0
eBook Packages: Computer ScienceComputer Science (R0)